Breach of Clearview AI Server Exposed Source Code and More – Channel Futures

Caused by a misconfigured server, the security lapse is Clearview's second in two months.

A massive data breach of a Clearview AI server exposed source code, secret keys and pre-release developer versions of its apps. Clearview is a U.S. facial recognition firm serving U.S. law enforcement agencies and other organizations. The company's first breach, which exposed its client list, was reported in February. Clearview said at the time that although data had been accessed by unauthorized persons, its servers remained secure and its systems and network were not compromised. Now a misconfigured server has been found that exposed massive amounts of internal information.

SpiderSilk, a Dubai-based cybersecurity firm, found that a misconfigured server belonging to Clearview AI exposed the company's internal files, secret keys and credentials, apps, source code and employee messages.

Bitglass's Anurag Kahol

"Clearview AI's latest security incident follows shortly after a data breach that compromised the company's client list. This time around, a misconfigured setting in Clearview's password-protected server allowed attackers to bypass authentication methods and gain access to the company's most sensitive internal files such as its source code, employees' private messages and cloud storage buckets that hold copies of finished and pre-released developer versions of its app," said Anurag Kahol, CTO at Bitglass.

The company has come under fire over privacy concerns. It collects images from public social media profiles, usually without the users' or the social media companies' consent. Initially the company said it served only U.S. law enforcement, but several reports have since come out naming private companies on the company's client list.

DivvyCloud's Chris DeRamus

"Clearview AI has gained a lot of attention not only from critics who are concerned about the privacy implications of its facial recognition technology, but also from hackers. Regardless of your personal feelings about the company, Clearview's second security lapse in just two months demonstrates how common misconfigurations are when companies lack proper cloud security strategies, and how easily threat actors can exploit these vulnerabilities," said Chris DeRamus, CTO of DivvyCloud.

DivvyCloud's latest report found that the number of records exposed by misconfigurations rose by 80% from 2018 to 2019. Further, the researchers reported that more than 33 billion records were exposed this way over those two years.

"Bad actors could steal the exposed information for a competing company or leverage the secret keys and credentials to gain access to even more private information, as people commonly reuse their passwords across multiple accounts," said Kahol.

But this Clearview AI incident comes with a wicked twist.

"Usually, when we talk about breaches and cloud misconfigurations, it's customer or employee data that is at risk, but this is an example of a security incident that is putting a company's intellectual property at risk," said Kahol.

But with every breach comes lessons learned for security partners. Savvy MSSPs take note and adjust their services to better protect their clients.

"This particular misconfiguration incident highlights the need for enterprises to adopt least-privileged access across cloud environments, including a robust approach to identity and access management (IAM). In these environments, everything has an identity: users, applications, services, and systems," said DeRamus.

"Organizations must implement multifactor authentication (MFA) for all users, securely manage service accounts and their corresponding keys, enforce least-privileged access, and enforce best practices for the use of audit logs and cloud logging roles," DeRamus added.
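As an added illustration of the controls DeRamus lists (least privilege, MFA for access to sensitive operations, and no anonymous access to storage buckets), the following Python script lints AWS-style IAM and bucket policy documents for three of the misconfigurations at issue in this incident. It is example code written for this article, not tooling from DivvyCloud, Bitglass or Clearview AI; the two policy documents, the account number, the bucket name and the list of "sensitive" action prefixes are constructed assumptions, not details from the breach.

```python
"""Lint AWS-style IAM / S3 bucket policy documents for three common
cloud misconfigurations: wildcard grants, anonymous principals and
sensitive actions allowed without an MFA condition.

Added example for this page; not code from Clearview AI, DivvyCloud or
Bitglass. All policies below are constructed sample input.
"""
import json

# Assumed list: action prefixes we treat as sensitive enough to require MFA.
MFA_SENSITIVE_PREFIXES = ("iam:", "s3:Delete", "s3:Put", "kms:", "sts:AssumeRole")


def _as_list(value):
    """IAM allows a string or a list in Action/Resource/Principal fields."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _has_mfa_condition(statement):
    """True if the statement requires MFA via aws:MultiFactorAuthPresent."""
    for operator, key_values in statement.get("Condition", {}).items():
        for key, val in key_values.items():
            if key.lower() == "aws:multifactorauthpresent":
                # Bool / BoolIfExists set to "true" is the usual MFA gate.
                if operator.startswith("Bool") and str(val).lower() == "true":
                    return True
    return False


def lint_policy(policy):
    """Return a list of (statement id, finding) tuples for one policy document."""
    findings = []
    for idx, st in enumerate(_as_list(policy.get("Statement"))):
        sid = st.get("Sid", f"Statement[{idx}]")
        if st.get("Effect") != "Allow":
            continue  # Deny statements only tighten access; nothing to flag.
        actions = _as_list(st.get("Action"))
        resources = _as_list(st.get("Resource"))
        principals = st.get("Principal")

        # 1. Least privilege: wildcard actions or wildcard resources.
        wildcard_actions = [a for a in actions if a == "*" or a.endswith(":*")]
        if wildcard_actions:
            findings.append((sid, f"wildcard actions {wildcard_actions} grant an entire service"))
        if "*" in resources:
            findings.append((sid, "wildcard resource; scope the grant to specific ARNs"))

        # 2. Public exposure: a resource policy that allows any principal.
        if principals == "*" or (
            isinstance(principals, dict) and "*" in _as_list(principals.get("AWS"))
        ):
            findings.append((sid, "anonymous principal '*' makes the resource public"))

        # 3. MFA: sensitive actions allowed without an MFA condition.
        sensitive = [a for a in actions if a in wildcard_actions or a.startswith(MFA_SENSITIVE_PREFIXES)]
        if sensitive and not _has_mfa_condition(st):
            findings.append((sid, f"sensitive actions {sensitive} allowed without MFA condition"))
    return findings


# Constructed sample: an over-broad bucket policy of the kind that exposes storage.
WEAK_BUCKET_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "OpenBucket",
    "Effect": "Allow",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": "*"
  }]
}""")

# Constructed sample: the same intent scoped to one identity, two actions,
# one bucket, and gated on MFA.
HARDENED_BUCKET_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "BuildArtifactsRead",
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::123456789012:user/release-engineer"},
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-build-artifacts",
                 "arn:aws:s3:::example-build-artifacts/*"],
    "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}
  }]
}""")


if __name__ == "__main__":
    for name, pol in (("weak", WEAK_BUCKET_POLICY), ("hardened", HARDENED_BUCKET_POLICY)):
        for sid, finding in lint_policy(pol) or [("-", "no findings")]:
            print(f"{name}: {sid}: {finding}")
```

Run against the weak policy the linter reports a wildcard action, a wildcard resource, an anonymous principal and an un-gated sensitive grant; the hardened policy produces no findings. The same function can be pointed at policies pulled from an account's IAM or bucket configuration, which is the kind of continuous check a managed service provider would run on a client's cloud estate.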
